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DETAILED ACTION 

RESPONSE TO ARGUMENTS 

1 . Applicant's arguments filed 02/16/2009 have been fully considered but 
they are not persuasive. Currently, claims 22-30 are cancelled; claims 32-40 are 
withdrawn; and claims 1-21 and 31 are pending for examination. 

2. In response to applicant's arguments (on pages 8-9) with regard to the 
independent claim 21 (currently amended by the applicant to be claim 31) 
rejected under 35 U.S.C. 101 that independent claim is statutory because a 
medium (i.e. wireless medium) that store a signal wave is statutory subject 
matter; applicant's arguments have fully been considered, but are not found to be 
persuasive. 

The examiner respectfully disagrees, because in accordance to the 
Specification paragraph [0074], the claimed computer readable medium is the 
signal wave; as the computer readable medium is the connection, wherein the 
connection is constructed by the signal wave; and in accordance to the 
conclusion in In re Nuijten, "A transitory, propagating signal like Nuijten's is not a 
"process, machine, manufacture, or composition of matter." Those four 
categories define the explicit scope and reach of subject matter patentable under 
35 U.S.C. §101; thus, such a signal cannot be patentable subject matter ...;" 
therefore, the computer readable medium which is the signal wave is non- 
statutory subject matter. 
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3. In response to applicant's arguments (on pages 9-10) with regard to the 
independent claim 1 rejected under 35 U.S.C. 103(a) that the combination of the 
references does not teach/suggest the claimed limitation "receiving a call from an 
external object to a first interface of a target object," because Scheifler do not 
teach permissions are obtained at the target object, and Colburn does not teach 
the claimed limitation "at the target determining whether the external object has 
access to other interfaces of the target object based on the call to the first 
interface"; applicant's arguments have fully been considered, but are not found to 
be persuasive. 

Please note that one cannot show nonobviousness by attacking 
references individually where the rejections are based on combinations of 
references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re 
Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). 

The examiner respectfully disagrees that the combination of the 
references does not teach the above claimed feature, as the combination of 
Scheifler and Colburn teach the above claimed feature as following: 

Scheifler teaches a system and a method comprising: 

receiving a call from an external thread (Fig. 6, ref. 620) to a first interface 
(e.g. write to any file in a directory, such as "c:/") of a target object (Fig. 6, ref. 
4500-1 ) (Fig. 1 ; Fig. 4-5; col. 4, 1. 51 to col. 5, 1. 3 and col. 9, 1. 1 1 to col. 14, 1. 
38); and 
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determining whether the external thread has access to other interfaces 
(e.g. write to any specific file in the directory, such as "c:/thisfile") of the target 
object based on the call received at the first interface (Fig. 4-5 and col. 1 1 , 1. 20 
to col. 13, 1. 45), wherein the determination is in association with implied 
permission. 

Colburn teaches a system and a method comprising: 

a call received from an object (Fig. 5, ref. 100) and determining at a target 
object (Fig. 8, ref. 160) access to other interfaces (col. 1, 1. 12 to col. 3, 1. 45; col. 
7, II. 26-52 and col. 1 1 , II. 25-51 ), by combining Colburn with Scheifler 's above 
teaching of implied permission, the resulting combination further teaches the 
target object implementing access authorization in association with implied 
permission to other interfaces. 

I. ELECTION / RESTRICTIONS 

4. Newly submitted claims 32-40 are directed to an invention that is 
independent or distinct from the invention originally claimed for the following 
reasons: 

Currently application contains claims directed to the following patentably 
distinct species of the claimed invention: 

Specie I: Claims 1-21 and 31 are directed to Figure 6. 
Specie II: Claims 32-40 are directed to Figure 8. 
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Applicant is required under 35 U.S.C. 121 to elect a single disclosed 
species for prosecution on the merits to which the claims shall be restricted if no 
generic claim is finally held to be allowable. Currently, there is no generic claim. 

Since applicant has received an action on the merits for the originally 
presented invention, this invention has been constructively elected by original 
presentation for prosecution on the merits. Accordingly, claims 32-40 are 
withdrawn from consideration as being directed to a non-elected invention. See 
37 CFR 1.142(b) and MPEP § 821.03. 

II. REJECTIONS BASED ON 35 U.S.C. 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or 
composition of matter, or any new and useful improvement thereof, may obtain a patent 
therefor, subject to the conditions and requirements of this title. 

5. Claim 21 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. As "computer readable medium" can be 
signal wave (i.e. wireless medium) along (Specification, [0074]), wherein signal 
wave is non-statutory subject matter. 

III. REJECTIONS BASED ON PRIOR ART 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 1 02 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
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obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

6. Claims 1-21 and 31 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Scheifler et al. (US Patent 6,138,238) in view of Colburn et al. 
(US Patent 6,173,404). 

7. As per claims 1 , 20-21 and 31 , Scheifler teaches a method, a system and 
a computer readable medium storing instructions for controlling a computer 
device for controlling access to an object in an operating system, the method, 
system and computer readable medium comprising: 

a module configured means for receiving a call from an external thread 
(Fig. 6, ref. 620) to a first interface (e.g. write to any file in a directory, such as 
"c:/") of a target object (Fig. 6, ref. 4500-1 ) (Fig. 1 ; Fig. 4-5; col. 4, 1. 51 to col. 5, 1. 
3 and col. 9, 1. 11 to col. 14, 1. 38); 

a module configured with means for determining whether the external 
thread has access to other interfaces (e.g. write to any specific file in the 
directory, such as "c:/thisfile") of the target object based on the call received at 
the first interface (Fig. 4-5 and col. 11,1. 20 to col. 13, 1. 45), wherein the 
determination is in association with implied permission; and 

a module configured with means for to grant access to the other interfaces 
according to the determination (Fig. 4-5 and col. 11, 1. 20 to col. 13, 1. 45). 
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Scheifler does not expressly teach the method, system and computer 
readable medium comprising: wherein the call from an object; and determining at 
the target object access to the other interfaces; 

Colburn teaches the method, system and computer readable medium 
comprising: a call received from an object (Fig. 5, ref. 100) and determining at a 
target object (Fig. 8, ref. 160) access to other interfaces (col. 1 , 1. 12 to col. 3, 1. 
45; col. 7, II. 26-52 and col. 11, II. 25-51), in combination with Scheifler 's above 
teaching of implied permission, the resulting combination further teaches the 
target object implementing access authorization in association with implied 
permission to other interfaces. 

It would have been obvious for one of ordinary skill in this art, at the time 
of invention was made to include Colburn 's inter-object security scheme into 
Scheifler 's object for the benefit of implementing a more robust security scheme 
between objects ( Colburn , col. 3, II. 34-37) to obtain the invention as specified in 
claims 1 and 19-21. 

8. As per claim 2, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Colburn further teaches the method comprising 
wherein determining whether the external object has access to other interfaces of 
the target object further comprises examining a security policy ( Colburn , Fig. 8, 
ref. 184, 194) contained within the target object ( Colburn , Fig. 8, ref. 160) 
( Colburn . Fig. 7A-7B; Fig. 8 and col. 11, 1. 25 to col. 12, 1. 58). 
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9. As per claim 3, Scheifler and Colburn teach all the limitation of claim 2 as 
discussed above, wherein Colburn further teaches the method comprising 
wherein the security policy is contained entirely within the target object ( Colburn , 
Fig. 8). 

1 0. As per claim 4, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Scheifler further teaches the method further 
comprising determining whether the external object and the target object operate 
in a same process (e.g. same class of valid digital signature or not) ( Scheifler , 
col. 9, 1. 52 to col. 11, 1. 19). 

11. As per claim 5, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Scheifler further teaches the method comprising 
wherein determining whether the external object has access to the other 
interfaces of the target object further comprises: identifying the other interfaces of 
the target object that can be accessed when the first interface is being requested 
by the external object ( Scheifler , col. 11, 1. 20 to col. 13, 1. 45), as the other 
interfaces must be identified in order to proper grant the permission via the 
implied permission. 

12. As per claim 6, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising 
determining a first process of the target object ( Scheifler . col. 9, 1. 52 to col. 1 1 , 1. 
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19 and Colburn , Fig. 8; Fig. 10; col. 1, 1. 12 to col. 3, 1. 45), such as determining 
whether the target object's first process corresponds to either valid digital 
signature with known keys or digital signature that cannot be verified thus a 
default key is utilized. 

1 3. As per claim 7, Scheifler and Colburn teach all the limitation of claim 6 as 
discussed above, wherein both further teach the method further comprising 
determining a second process of the external object ( Scheifler , col. 9, 1. 52 to col. 
11,1. 19 and Colburn , Fig. 8; Fig. 10; col. 1, 1. 12 to col. 3, 1. 45), such as 
determining whether the external object's second process corresponds to either 
valid digital signature with known keys or digital signature that cannot be verified 
thus a default key is utilized. 

14. As per claim 8, Scheifler and Colburn teach all the limitation of claim 7 as 
discussed above, wherein both further teach the method further comprising 
performing a cross-process communication between the target object and the 
external object ( Scheifler , col. 9, 1. 52 to col. 11,1. 19 and Colburn . Fig. 8; Fig. 10; 
col. 1, 1. 12 to col. 3, 1. 45; col. 13, 1. 44 to col. 14, 1. 34), such as allowing 
restrictive access to the target object as the target object is under valid digital 
signature process and the external object is not under valid digital signature 
process. 
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1 5. As per claim 9, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising 
securing a channel for each interface of the target object ( Scheifler , col. 9, 1. 52 to 
col. 1 1, 1. 19 and Colburn , Fig. 8; Fig. 10; col. 1,1.12 to col. 3, 1. 45; col. 13, 1. 44 
to col. 14, 1. 34), as the channel is secured via a cryptographic key over a 
network between client and server. 

16. As per claim 1 0, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method comprising wherein 
determining whether the external object has access to the other interfaces of the 
target object further comprises analyzing access constraints within the target 
object ( Scheifler , col. 11, 1. 20 to col. 13, 1. 45 and Colburn . Fig. 7A-7B; Fig. 8; 
col. 13, 1. 44 to col. 14, 1. 34), as the analyzing of the implied permission is 
located within the target object. 

1 7. As per claim 1 1 , Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising 
analyzing interface access data stored within the target object ( Scheifler , col. 11, 
I. 20 to col. 13, 1. 45 and Colburn . Fig. 7A-7B; Fig. 8; col. 13, 1. 44 to col. 14, 1. 
34). 



18. As per claim 1 2, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising 
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determining whether the target object and the external object are in a same 
protection domain ( Scheifler , Fig 4; col. 11, 1. 20 to col. 13, 1. 45 and Colburn , Fig. 
8). 

1 9. As per claim 1 3, Scheifler and Colburn teach all the limitation of claim 1 2 
as discussed above, wherein both further teach the method comprising wherein 
the protection domain is a process ( Scheifler , Fig 4 and col. 9, 1. 52 to col. 13, 1. 
45 and Colburn , Fig. 8), wherein the process is associated with valid digital 
signature and un-validated digital signature. 

20. As per claim 14, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Colburn further teaches the method comprising 
wherein the target object sets the target object's own security policy ( Colburn , 
Fig. 8), the target object sets the target object's own security policy as the access 
constraints and access authorization resides within the target object. 

21 . As per claim 1 5, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Scheifler further teaches the method comprising 
wherein determining whether the external object has access to the other 
interfaces further comprises determining capabilities of the external object 
( Scheifler , col. 9, 1. 52 to col. 13, 1. 45), as the capability corresponds to the 
capability of transferring data along with the know key or without the know key. 
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22. As per claim 1 6, Scheifler and Colburn teach all the limitation of claim 1 5 
as discussed above, wherein Colburn further teaches the method comprising 
further comprising mapping capabilities of the external object to the other 
interfaces of the target object ( Scheifler , col. 9, 1. 52 to col. 13, 1. 45), such as 
mapping the capability of transferring data with the know key to other interfaces 
for grater access. 

23. As per claim 1 7, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method comprising wherein the 
target object and the external object are created using a same methodology (e.g. 
object oriented by Java) ( Scheifler , col. 9, 1. 52 to col. col. 11,1. 19 and Colburn . 
col. 1,1. 12 to col. 3, 1. 45). 

24. As per claim 18, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Colburn further teaches the method comprising 
wherein the target object and the external object are views in a view hierarchy 
( Colburn . col. 1,1. 12 to col. 3, 1. 45). 

25. As per claim 1 9, Scheifler and Colburn teach all the limitation of claim 1 8 
as discussed above, wherein Colburn further teaches the method comprising 
wherein a view has a parent calling interface, a child calling interface, and a child 
managing interface ( Colburn , col. 6, II. 29-52), as the hierarchal relation between 
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parent-child is well known with the corresponding above interfaces for the parent 
and the child. 
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IV. CLOSING COMMENTS 

Conclusion 

a. STATUS OF CLAIMS IN THE APPLICATION 

The following is a summary of the treatment and status of all claims in the 
application as recommended by M.P.E.P. 707.07(i): 

ad) CLAIMS REJECTED IN THE APPLICATION 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of 
time policy as set forth in 37 CFR 1 .1 36(a). 

A shortened statutory period for reply to this final action is set to expire 
THREE MONTHS from the mailing date of this action. In the event a first reply is 
filed within TWO MONTHS of the mailing date of this final action and the advisory 
action is not mailed until after the end of the THREE-MONTH shortened statutory 
period, then the shortened statutory period will expire on the date the advisory 
action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be 
calculated from the mailing date of the advisory action. In no event, however, will 
the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

b. DIRECTION OF FUTURE CORRESPONDENCES 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Chun-Kuan (Mike) Lee whose telephone 
number is (571) 272-0671 . The examiner can normally be reached on 8AM to 
5PM. 
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IMPORTANT NOTE 



If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Alford Kindred can be reached on (571) 272-4037. The 
fax phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 



/C.K.L./ 



April 28, 2009 



Chun-Kuan (Mike) Lee 

Examiner 

Art Unit 2181 



/Alford W. Kindred/ 



Supervisory Patent Examiner, Art Unit 2181 



